As connectivity to the Internet and to network applications has grown in recent years, so has the need for more robust network-oriented techniques for authenticating network identities. This need has been significantly heightened as more and more high-value transactions involving sensitive information, such as online banking and the like, are made available through the Internet.
However, adding layers of security to legacy applications may be expensive and error prone. For example, a typical legacy application may utilize a number of front-line application servers in communication with back-end information systems and/or databases. In order to modify the authentication system of such an application, code must be updated on each front-line server. And, if authentication is required for the back-end systems, provisions must be made to update those services with the new authentication system as well. This problem may be further complicated by the fact that many legacy applications are written using older programming languages such as COBOL, PL1, etc., which many programmers no longer use. Thus, any change to such an application is likely to be time consuming, expensive and error prone. Additionally, the maintainers of any legacy application servers may not be expert in security programming, requiring the company to bring in specialists, which in turn may give rise to additional time and expense. A similar set of problems may even arise in developing a new application service, particularly if the developers are not expert in security programming and lack the tools to develop a strong authentication system.
Furthermore, the problem cannot be ignored solely on the basis of inconvenience because the federal government has recently mandated that enhanced and improved security techniques be implemented for financial services, such as on-line banking. These institutions are now faced with difficult choices in order to comply with the new regulations: either the services are to be removed or the services are to be rewritten in order to conform to the new government regulations. Neither of these options is particularly appealing to the financial services. Thus, there is a desire to provide improved techniques for augmenting the security mechanisms of legacy applications or services without rewriting those legacy applications or services.